Ti collector: This project is dedicated to collecting threat intelligence from publicly available online sources, focusing mainly on reputation-type threat intelligence (such as IPs/domains) and event-type threat intelligence.
Threat Intel: Archive of publicly available threat INTel reports (mostly APT Reports but not limited to).
Omnibus: The OSINT Omnibus (beta release)
Mihari: A helper to run OSINT queries & manage results continuously
Elemental: Elemental - An ATT&CK Threat Library
Osweep: Don't Just Search OSINT. Sweep It.
Threat Hunting: Personal compilation of APT malware from whitepaper releases, documents and own research
Awesome Devsecops: An authoritative list of awesome devsecops tools with the help from community experiments and contributions.
Scot: Sandia Cyber Omni Tracker (SCOT)
Misp Modules: Modules for expansion services, import and export in MISP
Misp Training: MISP trainings, threat intel and information sharing training materials with source code
Misp Warninglists: Warning lists to inform users of MISP about potential false-positives or other information in indicators
Phishingkithunter: Find phishing kits which use your brand/organization's files and image.
Sweetie Data: This repo contains logstash of various honeypots
Patrowlengines: PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Opensquat: Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Docker Misp: Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
Dnsmorph: Domain name permutation engine written in Go
Intelowl: Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Misp Dashboard: A dashboard for a real-time overview of threat intelligence from MISP instances
Threatbus: 🚌 The missing link to connect open-source threat intelligence tools.
Mthc: All-in-one bundle of MISP, TheHive and Cortex
Awesome Csirt: Awesome CSIRT is a curated list of links and resources in security and CSIRT daily activities.
Chatter: Internet monitoring OSINT Telegram bot for Windows
Misp Maltego: Set of Maltego transforms to interface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
Certstreammonitor: Monitor certificates generated for specific domain strings and associated, store data into sqlite3 database, alert you when sites come online.
Analyzer: 🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Patrowldocs: PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Pygreynoise: Python3 library and command line for GreyNoise
Dovehawk: Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
Patrowlhears: PatrowlHears - Vulnerability Intelligence Center / Exploits
Teler: Real-time HTTP Intrusion Detection
Malware Feed: Bringing you the best of the worst files on the Internet.
Ioc2rpz: ioc2rpz is a place where threat intelligence meets DNS.
Vulnerability Data Archive: With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
Matire: Malware Analysis, Threat Intelligence and Reverse Engineering: LABS
Whitehat: Information about my experiences on ethical hacking 💀
Otx misp: Imports Alienvault OTX pulses to a MISP instance
Melody: Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulation.
Malcom: Malcom - Malware Communications Analyzer
Besafe: BeSafe is a robust threat analyzer which helps to protect your desktop environment and know what's happening around you
Vfeed: The Correlated CVE Vulnerability And Threat Intelligence Database API
Harpoon: CLI tool for open source and threat intelligence
Klara: Kaspersky's GReAT KLara
Mitaka: A browser extension for OSINT search
Gosint: The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).
Patrowlmanager: PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Watcher: Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Misp: MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Freki: 🐺 Malware analysis platform
Misp Galaxy: Clusters and elements to attach to MISP events or attributes (like threat actors)
Dnstwist: Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation